Cybersecurity is often not taken as seriously as it should be, as if online threats were less harmful than those in real life. Maybe it’s because we’re too laid-back, or maybe we just want to enjoy our cool digital gadgets without the worry of having our accounts hacked, information leaked, or identities stolen. However, online crime is only increasing. To tackle this issue, chat-based microlearning for security awareness training is stepping up as a way to help us learn about staying safe online in a more engaging and effective manner.
How many of us remember to regularly change passwords to our personal emails, bank and shopping accounts? And how many of us are concerned with privacy settings on our social media platforms? Unfortunately, the answer is quite simple – very few. Even though we’re raising the third generation of daily internet users, our basic knowledge of cybersecurity remains low. Given the rising cyber risks, educating employees about cybersecurity has become essential for every business.
Lazy habits in private life extend to the workplace
Let’s say it straight – although we have been increasingly present online for the last twenty years, our digital security habits are far from perfect. New users usually enter the cyber world at a very young age, completely unaware of good cybersecurity practices. What’s more, they often receive minimal guidance or supervision and might even actively resist it.
The extensive use of mobile devices underscores the urgent need to ensure our safety online. Getting online is incredibly easy and sharing personal data takes just a few clicks. Many teens idealistically think their posts on Snapchat, Tiktok, or Instagram will only be seen by friends and family. On the other hand, many hope to “go viral” and become influencers and don’t worry about sharing their location, address or other information.
We also have to stress the fact that our human memories are fundamentally faulty. In order not to forget passwords to 15 different platforms we “help” ourselves by choosing familiar combinations (birthdays, names, or simple sequences) and we use them religiously across several accounts. We let Google remember them for convenience and quick logins. If we notice campaigns for cyber security, we often consider their advice to be “over the top” and let them pass largely unnoticed. This behavior also extends to the workplace.
Online threats seem fake – until they really hurt
To be sure, we have been taught not to open suspiciously looking emails and keep our passwords secure. Yet it seems the threats of the digital world don’t appear as real and harmful as those in the real world. Our understanding of the mechanisms behind data privacy and sharing, the role of VPN, automatic password storage, and many other aspects of cybersecurity is, in the best-case scenario, rudimentary. We are not taught to see through the attempts of manipulation which become increasingly subtle and cunning.
We would like to believe the Internet was a safe place where nobody is interested in stealing our Social Media details. The reality is often exactly the opposite and security breaches happen almost every day. Just at the start of 2023, Reuters informed about a huge leak of email addresses from Twitter (how X was called at the time) – private details of roughly 200 million users have supposedly been published on a hackers’ forum and can possibly be used for illegal purposes such as phishing or doxxing. Sadly, with online attacks and scams on the rise, it’s becoming more and more important for us to be aware and knowledgeable about online security to keep from being harmed.
Cybersecurity in the professional setting
It would seem that, with the increased use of digital tools and platforms in our professional lives and the advent of remote and hybrid working models, we should theoretically become more aware of the possible dangers linked to our online presence. Unfortunately, it’s not the case.
While flawed cybersecurity habits can potentially be dangerous when applied to personal use of the web, they become even riskier in professional life as a security breach in a company’s servers, online platforms, or databases can cause considerable financial, legal, and reputational damage.
A simple, common mistake can lead to a serious security breach and leaks. On this account, regular cybersecurity awareness training has become a staple in most workplaces. But is it effective? A typical model of security training involves a once-a-year email or e-learning reminding everyone about the most common forms of cybercrime to look out for, the usual mistakes to avoid, and a memo to change the password. Arguably, this won’t get the job done.
Once a year is not enough
How to incorporate more regular and effective security awareness training into the working schedules of busy professionals? One should not expect already busy employees to take lengthy courses on top of their usual duties. Learning should be easy and engaging, using methods and technologies already familiar to the learners.
At eggheads, we believe in meeting people where they already are. And that is on their mobile devices and more specifically, in their chats. Chat-based microlearning is an up-and-coming model of microlearning which employs short, scripted lessons delivered via chat messages. Every subject is first boiled down to its essence, then organized into small digestible chunks, so-called learning nuggets. Finally, a scripted lesson presents the condensed knowledge in a funny, approachable way.
Conversational microlearning provides a uniquely personalized experience thanks to pre-designed loops in the script, which enable the learner to skip the part of the lesson they know and jump directly to the new knowledge. In addition, AI provides personalized feedback to a user’s answer based on a company’s own guidelines, policies or other material. By delivering short, sweet, and efficient training sessions (lasting no more than 1-2 minutes) chatbots help to refresh employees’ memory and keep them up to date with the latest cybersecurity best practice.
Chat-based Microlearning for Security Awareness Training
Chat-based microlearning for security awareness training can make a huge impact on how we are educating secure online behavior in the professional setting. Firstly, the operating mode of this solution allows for quick changes and updates of the learning material, a clear advantage over presentation/email-based training. Technology and business move fast – and so do cybercriminals. What was valid yesterday, might not be valid tomorrow. With short, editable scripts, necessary updates can be made and deployed in an instant.
Secondly, chat-based microlearning focuses only on the core message making learning quick and efficient. It takes no time at all to finish a lesson. Thirdly, learning doesn’t feel like learning: with the solution delivering the knowledge in a familiar form of a chat, finishing the lesson feels like having a chat with a colleague over a lunch break. The personalized feedback delivered by the AI is as if every employee gets their own tutor.
Finally, conversational microlearning increases personal engagement. Instead of passively listening to a presentation, and dreaming of a coffee break, learners actively drive the conversation forward and interact with the cybersecurity awareness chatbot.
Cybersecurity is one of the core topics in today’s business world. Implementing better cybersecurity awareness training in the workplace is paramount: it will not only help to prevent significant financial losses on the company’s level, but it might also trigger a positive change in the private use of the web. With conversational microlearning solutions at hand, it’s never been easier to make training easy, efficient, and engaging. Let’s make the change together.